How Safe is Anti-Fuse Memory? IBG Protection for Anti-Fuse OTP Memory Security Breaches
|
|
- Osborn Cross
- 6 years ago
- Views:
Transcription
1 How Safe is Anti-Fuse Memory? IBG Protection for Anti-Fuse OTP Memory Security Breaches Overview A global problem that impacts the lives of millions daily is digital life security breaches. One of the major aspects of this issue is anti-fuse OTP (one-time programmable) memory vulnerability, a protection method widely used in semiconductor devices. Anti-fuse OTP can be found in products people use every day, such as cell phones, gaming consoles, RFiD tags, medical devices and more. Anti-fuse memory is considered by some to be the gold standard for secure memory. Once programmed, reverse engineering methods should not reveal memory contents; however, there is a simple, low cost, and fast hacking technique that can be used to read memory contents outside of the anti-fuse IP block. This can lead to the security breaches and identity thefts that make headlines. This article provides an overview of this simple procedure and shows that Invisible Bias Generator (IBG) technology is the only technology that can be used to block this, as well as many other hacking techniques. Anti-Fuse Operation A fuse is a device that has a closed connection that is then opened via a high current or voltage event. In simple terms, anti-fuse is exactly opposite of a fuse; it is a normally open connection that is programmed closed. A CMOS anti-fuse bit cell consists of two NMOS core transistors. Bit Line HV Write Read Sense Amp Data Verisiti, Inc. All Rights Reserved Worldwide. 1
2 There is a program transistor (Write) coupled in series with a select transistor (Read). When a normal supply voltage such as an I/O or core voltage is applied to the gates of the bit cell, no current is sensed along the bit line. The equivalent circuit for the program transistor is a capacitor. Since there is no current that flows along the bit line, the bit cell is 0 by default. When a large programming voltage is applied along the gate of the program transistor, a hard gate oxide breakdown occurs. A resistive path is created. Current flows along the bit line and a 1 is sensed. The 1 s can be programmed at any time. Once it is programmed, it cannot be reverted back to a 0. Anti-Fuse memory generally cannot be hacked using passive, semi-invasive, and invasive methods. Due to the nature of the technology, it is difficult to determine the content of memory. Passive techniques that include using current profiles to determine the word pattern are unsuccessful because the bit cell current for 0s and 1s are much smaller than the current required for sensing or to operate the peripheral circuits in order to read the memory. Invasive techniques including backside attacks or SEM passive voltage contrast are unsuccessful because it is very difficult to isolate the bit cell since it is connected in a cross point array. Furthermore, it is difficult using chemical etching or mechanical polishing to locate oxide breakdown. However, anti-fuse security is contained solely within the array. The signal interface has no protection. Anti-Fuse Hack To describe this hack, a typical anti-fuse IP configuration of a 1 Mbit array interfaced to a microcontroller bus is used. In this case the bus is 16 bits wide and the address range is from 0 to 64K (16 bit address). 16 Data In Write Output Enable 1 Mbit Anti-Fuse Memory 16 The anti-fuse block may be resistant to optical reverse engineering techniques internally but the micro-controller and anti-fuse memory is vulnerable at their interface and can be reversed. Using the net list obtained from this reversal, the metal runs associated with the address and data buses can be easily isolated. In addition, a digital simulation can be initiated that operates properly until the first anti-fuse access occurs. This simulation will reveal the address of the first access. Verisiti, Inc. All Rights Reserved Worldwide. 2
3 Using a Focused Ion Beam (FIB) circuit editor, probe pads can be placed on the data bus metal runs and the value of the first access can be easily observed. This access result allows the simulation to run further and stop at the next anti-fuse access. Again, the simulation reveals the address of the second access, where the data bus probe pads can be observed. A second probe pad is added to the Output Enable metal run in order to qualify the data bus. Now as the micro-controller executes instructions, the data bus is examined automatically and a file is generated which stores the acquired information. Time and Cost of the Hack The main time and cost for the anti-fuse hack would be the reverse engineering time and expense. For a 20K gates design (or as a matter of fact, 20K gates of hacked die), the cost of the reversal would be approximately $20,000 and take 13 weeks to implement, resulting in a net list. The additional FIB edits and monitoring would add $5000 and less than 1 week to the hack total. The final total is 14 weeks and $25,000. This is a conservative estimate. Skilled hackers might perform this procedure in half of the time and at a significantly reduced cost. If the die is larger, the cost and time for the full reversal would be higher. However, if the goal of the hack is to read out cryptography keys, the entire die would not have to be reversed in order to do this. Based on the short time and low cost of this hacking technique, anti-fuse memory security is merely a bump in the road in terms of revealing silicon secrets. IBG One Time Programmable Memory (pibg OTP) Based on Secure Silicon Layer technology, the IBG OTP memory module includes from four to 32 (but not limited to and can be extended to larger arrays) 4-byte pages that can be programmed utilizing an on board charge pump. As in anti-fuse technology, the IBG cell is subjected to high voltage from the charge pump resulting in gate oxide breakdown changing the digital state of the cell. Write Data 8 Charge Pump Write Buffers Clock Write Read Done Timing & Control 4 8 Column Decoder 4/5/6/7 Buffers Row Decoder One Time Programmable IBG Array 32 2 Read Buffers 32 Read Data Verisiti, Inc. All Rights Reserved Worldwide. 3
4 As with anti-fuse memory, it is difficult to determine the content of memory. Passive techniques include using current profiles to determine the word pattern are unsuccessful because the bit cell current for 0s and 1s are much smaller than the current required for sensing or to operate the peripheral circuits in order to read the memory. Invasive techniques including backside attacks or SEM passive voltage contrast are unsuccessful because it is very difficult to isolate the bit cell since it is connected in a cross point array. Also, chemical etching or mechanical polishing to locate oxide breakdown is time consuming and difficult. Additionally, the pibg OTP Memory includes IBG security within it s memory array and incorporates a destructive security shield providing FIB (Focused Ion Beam) edit protection. This protection is extended over the entire die (or any parts of the die). One single FIB edit through the screen will destroy the entire IBG OTP Memory s contents by causing gate oxide breakdown in all of the memory cells protecting the original programmed data. Programmable Invisible Bias Generator Technology Using pibg OTP technology, a destructive shield can be placed over the entire die removing the ability to access the internal address, data, or control signals. The resultant security shield adds FIB edit protection to the design. FIB, the design and the cryptography keys are erased. IBG Destructive Shield Anti-Fuse Array IGB OTP Micro-Controller In order to add full IBG protection to an anti-fuse Memory array, one suggested configuration uses a Trivium stream cryptography engine to decrypt the read data from the anti-fuse array. Prior to use at program time, the encrypted data is written into the anti-fuse array based on externally generated cryptography keys. This configuration uses the pibg OTP memory to store the cryptography keys. This ensures that the contents of the anti-fuse array is tied directly to the pibg OTP memory so during a FIB edit process the keys will be lost and the contents of the antifuse array protected. In this mode, the pibg OTP block can be considered a Physical Un-clonable Function (PUF) since each key set can be programmed differently for each die. Unlike other PUF devices, the pibg OTP cannot be examined or probed. IBG OTP 160 bit Key From Anti-Fuse Array Trivium Stream Encryption To Micro-Controller Verisiti, Inc. All Rights Reserved Worldwide. 4
5 Conclusions Verisiti s pibg OTP memory is the missing link in secure storage. Without FIB edit protection nothing can be hidden in silicon, including important boot code, software or complex cryptography keys. Hacks can take just a few weeks and cost less than $30,000. This pibg protection applies to other non-volatile memories such as FLASH, EEPROM, and FRAM arrays. Like anti-fuse technology, these arrays are difficult to monitor and reverse engineer at the cell level, but are subject to interface attacks and hacks. Because a FIB attack causes all of the pibg OTP memory bits to be programmed, Verisiti s pibg OTP memory achieves FIPS level 4 security status without the use of an internal charge pump. (FIPS level 4 defines an ultimate protection around semiconductor chip cryptographic modules and immediate zeroization of the memory array upon intrusion.) The IBG and pibg protection methods described above meet this requirement without any software intervention. At Verisiti, we believe IBG and pibg solutions are the only true FIPS level 4 compliant solution due to their builtin, chip-level compliance. With pibg anti-fib technology, secrets can be secured in semiconductors. Verisiti, Inc. All Rights Reserved Worldwide. 5
IBG Protection for Anti-Fuse OTP Memory Security Breaches
IBG Protection for Anti-Fuse OTP Memory Security Breaches Overview Anti-Fuse Memory IP is considered by some to be the gold standard for secure memory. Once programmed, reverse engineering methods will
More informationHow microprobing can attack encrypted memory
How microprobing can attack encrypted memory Sergei Skorobogatov http://www.cl.cam.ac.uk/~sps32 email: sps32@cam.ac.uk Introduction Hardware Security research since 1995 testing microcontrollers and smartcards
More informationCOMP3221: Microprocessors and. and Embedded Systems. Overview. Lecture 23: Memory Systems (I)
COMP3221: Microprocessors and Embedded Systems Lecture 23: Memory Systems (I) Overview Memory System Hierarchy RAM, ROM, EPROM, EEPROM and FLASH http://www.cse.unsw.edu.au/~cs3221 Lecturer: Hui Wu Session
More information2/13/2014. What is Tamper Resistance? IBM s Attacker Categories. Protection Levels. Classification Of Physical Attacks.
What is Tamper Resistance? Physical and Tamper Resistance Mohammad Tehranipoor Updated/Modified by Siavash Bayat Sarmadi Resistance to tampering the device by either normal users or systems or others with
More informationReverse Engineering Techniques in CMOS Based Non-Volatile Memory (NVM)
Reverse Engineering Techniques in CMOS Based Non-Volatile Memory (NVM) EMBEDDED SRAM & NVM LOGIC LIBRARIES EMBEDDED T&R MEMORY DEVELOPMENT SW INTERFACE IP Agenda Applications Requiring Standard CMOS NVM
More informationOptical Fault Masking Attacks. Sergei Skorobogatov
Sergei Skorobogatov http://www.cl.cam.ac.uk/~sps32 email: sps32@cam.ac.uk Introduction Memory modification attacks were actively used in mid 90s to circumvent the security in microcontrollers In old chips
More informationFPGA Programming Technology
FPGA Programming Technology Static RAM: This Xilinx SRAM configuration cell is constructed from two cross-coupled inverters and uses a standard CMOS process. The configuration cell drives the gates of
More informationMagnetic core memory (1951) cm 2 ( bit)
Magnetic core memory (1951) 16 16 cm 2 (128 128 bit) Semiconductor Memory Classification Read-Write Memory Non-Volatile Read-Write Memory Read-Only Memory Random Access Non-Random Access EPROM E 2 PROM
More informationCMPE 415 Programmable Logic Devices FPGA Technology I
Department of Computer Science and Electrical Engineering CMPE 415 Programmable Logic Devices FPGA Technology I Prof. Ryan Robucci Some slides (blue-frame) developed by Jim Plusquellic Some images credited
More informationFlash Memory Bumping Attacks
Flash Memory Bumping Attacks Sergei Skorobogatov http://www.cl.cam.ac.uk/~sps32 email: sps32@cam.ac.uk Introduction Data protection with integrity check verifying memory integrity without compromising
More informationMemory address scrambling revealed using fault attacks
Memory address scrambling revealed using fault attacks Jacques Fournier CEA-LETI jacques.fournier@cea.fr Philippe Loubet-Moundi GEMALTO philippe.loubet-moundi@gemalto.com 1 General Context Attacks on security
More informationLSN 6 Programmable Logic Devices
LSN 6 Programmable Logic Devices Department of Engineering Technology LSN 6 What Are PLDs? Functionless devices in base form Require programming to operate The logic function of the device is programmed
More informationChallenges for Non Volatile Memory (NVM) for Automotive High Temperature Operating Conditions Alexander Muffler
Challenges for Non Volatile Memory (NVM) for Automotive High Temperature Operating Conditions Alexander Muffler Product Marketing Manager Automotive, X-FAB Outline Introduction NVM Technology & Design
More informationOrganization. 5.1 Semiconductor Main Memory. William Stallings Computer Organization and Architecture 6th Edition
William Stallings Computer Organization and Architecture 6th Edition Chapter 5 Internal Memory 5.1 Semiconductor Main Memory 5.2 Error Correction 5.3 Advanced DRAM Organization 5.1 Semiconductor Main Memory
More informationWilliam Stallings Computer Organization and Architecture 6th Edition. Chapter 5 Internal Memory
William Stallings Computer Organization and Architecture 6th Edition Chapter 5 Internal Memory Semiconductor Memory Types Semiconductor Memory RAM Misnamed as all semiconductor memory is random access
More informationMicrocontroller Systems. ELET 3232 Topic 11: General Memory Interfacing
Microcontroller Systems ELET 3232 Topic 11: General Memory Interfacing 1 Objectives To become familiar with the concepts of memory expansion and the data and address bus To design embedded systems circuits
More information8051 INTERFACING TO EXTERNAL MEMORY
8051 INTERFACING TO EXTERNAL MEMORY Memory Capacity The number of bits that a semiconductor memory chip can store Called chip capacity It can be in units of Kbits (kilobits), Mbits (megabits), and so on
More informationSense Amplifiers 6 T Cell. M PC is the precharge transistor whose purpose is to force the latch to operate at the unstable point.
Announcements (Crude) notes for switching speed example from lecture last week posted. Schedule Final Project demo with TAs. Written project report to include written evaluation section. Send me suggestions
More information6.857 L17. Secure Processors. Srini Devadas
6.857 L17 Secure Processors Srini Devadas 1 Distributed Computation Example: Distributed Computation on the Internet (SETI@home, etc.) Job Dispatcher Internet DistComp() { x = Receive(); result = Func(x);
More informationInternal Memory. Computer Architecture. Outline. Memory Hierarchy. Semiconductor Memory Types. Copyright 2000 N. AYDIN. All rights reserved.
Computer Architecture Prof. Dr. Nizamettin AYDIN naydin@yildiz.edu.tr nizamettinaydin@gmail.com Internal Memory http://www.yildiz.edu.tr/~naydin 1 2 Outline Semiconductor main memory Random Access Memory
More informationCOMP2121: Microprocessors and Interfacing. Introduction to Microprocessors
COMP2121: Microprocessors and Interfacing Introduction to Microprocessors http://www.cse.unsw.edu.au/~cs2121 Lecturer: Hui Wu Session 2, 2017 1 1 Contents Processor architectures Bus Memory hierarchy 2
More informationChapter 5 Internal Memory
Chapter 5 Internal Memory Memory Type Category Erasure Write Mechanism Volatility Random-access memory (RAM) Read-write memory Electrically, byte-level Electrically Volatile Read-only memory (ROM) Read-only
More informationSamsung K9GAG08U0M-PCB0 16 Gbit Multi-Level Cell (MLC) 51 nm Process Technology NAND Flash Memory
Samsung K9GAG08U0M-PCB0 16 Gbit Multi-Level Cell (MLC) 51 nm Process Technology NAND Flash Memory Structural Analysis with Additional Layout Feature Analysis For comments, questions, or more information
More informationMemory classification:- Topics covered:- types,organization and working
Memory classification:- Topics covered:- types,organization and working 1 Contents What is Memory? Cache Memory PC Memory Organisation Types 2 Memory what is it? Usually we consider this to be RAM, ROM
More informationECSE-2610 Computer Components & Operations (COCO)
ECSE-2610 Computer Components & Operations (COCO) Part 18: Random Access Memory 1 Read-Only Memories 2 Why ROM? Program storage Boot ROM for personal computers Complete application storage for embedded
More informationAltaSens A5262-4T 4.5 Megapixel CMOS Image Sensor 0.18 µm IBM Process
AltaSens A5262-4T 4.5 Megapixel CMOS Image Sensor 0.18 µm IBM Process Imager Process Review For comments, questions, or more information about this report, or for any additional technical needs concerning
More informationComputer Organization. 8th Edition. Chapter 5 Internal Memory
William Stallings Computer Organization and Architecture 8th Edition Chapter 5 Internal Memory Semiconductor Memory Types Memory Type Category Erasure Write Mechanism Volatility Random-access memory (RAM)
More informationLecture Objectives. Introduction to Computing Chapter 0. Topics. Numbering Systems 04/09/2017
Lecture Objectives Introduction to Computing Chapter The AVR microcontroller and embedded systems using assembly and c Students should be able to: Convert between base and. Explain the difference between
More informationHardware Design with VHDL PLDs I ECE 443. FPGAs can be configured at least once, many are reprogrammable.
PLDs, ASICs and FPGAs FPGA definition: Digital integrated circuit that contains configurable blocks of logic and configurable interconnects between these blocks. Key points: Manufacturer does NOT determine
More informationCMOS Logic Circuit Design Link( リンク ): センター教官講義ノートの下 CMOS 論理回路設計
CMOS Logic Circuit Design http://www.rcns.hiroshima-u.ac.jp Link( リンク ): センター教官講義ノートの下 CMOS 論理回路設計 Memory Circuits (Part 1) Overview of Memory Types Memory with Address-Based Access Principle of Data Access
More informationConcept of Memory. The memory of computer is broadly categories into two categories:
Concept of Memory We have already mentioned that digital computer works on stored programmed concept introduced by Von Neumann. We use memory to store the information, which includes both program and data.
More informationA Novel Methodology to Debug Leakage Power Issues in Silicon- A Mobile SoC Ramp Production Case Study
A Novel Methodology to Debug Leakage Power Issues in Silicon- A Mobile SoC Ramp Production Case Study Ravi Arora Co-Founder & CTO, Graphene Semiconductors India Pvt Ltd, India ABSTRACT: As the world is
More informationSharp NC µm Pixel CCD Image Sensor
Sharp NC9610 1.75 µm Pixel CCD Image Sensor Imager Process Review For comments, questions, or more information about this report, or for any additional technical needs concerning semiconductor technology,
More informationDigital Systems. Semiconductor memories. Departamentul de Bazele Electronicii
Digital Systems Semiconductor memories Departamentul de Bazele Electronicii Outline ROM memories ROM memories PROM memories EPROM memories EEPROM, Flash, MLC memories Applications with ROM memories extending
More informationNVIDIA Tegra T20-H-A2 Application Processor TSMC 40 nm Low Power CMOS Process
NVIDIA Tegra T20-H-A2 Application Processor TSMC 40 nm Low Power CMOS Process Structural Analysis 3685 Richmond Road, Suite 500, Ottawa, ON K2H 5B7 Canada Tel: 613-829-0414 www.chipworks.com Structural
More informationInformation Security Theory vs. Reality
Information Security Theory vs. Reality 0368-4474, Winter 2015-2016 Lecture 8: Hardware security (2/2), Leakage/tamper resilience (1/2) Lecturer: Eran Tromer 1 Hardware security Invasive attacks (continued)
More informationEE 308: Microcontrollers
EE 308: Microcontrollers AVR Architecture Aly El-Osery Electrical Engineering Department New Mexico Institute of Mining and Technology Socorro, New Mexico, USA January 23, 2018 Aly El-Osery (NMT) EE 308:
More information! Memory Overview. ! ROM Memories. ! RAM Memory " SRAM " DRAM. ! This is done because we can build. " large, slow memories OR
ESE 57: Digital Integrated Circuits and VLSI Fundamentals Lec 2: April 5, 26 Memory Overview, Memory Core Cells Lecture Outline! Memory Overview! ROM Memories! RAM Memory " SRAM " DRAM 2 Memory Overview
More informationEE141-Fall 2007 Digital Integrated Circuits. ROM and Flash. Announcements. Read-Only Memory Cells. Class Material. Semiconductor Memory Classification
EE4-Fall 2007 igital Integrated Circuits Lecture 29 ROM, Flash, and RAM ROM and Flash 4 4 Announcements Final ec. 20 th Room TBA Final review sessions: Mon. ec. 7 th 3:30pm, 550 Cory Tues. ec. 7 th 3:30pm,
More informationChip Lifecycle Security Managing Trust and Complexity
Chip Lifecycle Security Managing Trust and Complexity Dr. Martin Scott July 2016 Connected Endpoints Are The New Mobile 2 50 billion connected devices by 2020 Unprecedented Data Proliferation Cloud Endpoint
More informationAT90SDC10X Summary Datasheet
AT90SDC10X Summary Datasheet Features General twincore Secure Dual Core Architecture - 135 Powerful s (Most Executed in a Single Clock Cycle) Total isolation between Master & Secure Cores Secure Inter-Core
More information10/24/2016. Let s Name Some Groups of Bits. ECE 120: Introduction to Computing. We Just Need a Few More. You Want to Use What as Names?!
University of Illinois at Urbana-Champaign Dept. of Electrical and Computer Engineering ECE 120: Introduction to Computing Memory Let s Name Some Groups of Bits I need your help. The computer we re going
More informationChapter 4 Main Memory
Chapter 4 Main Memory Course Outcome (CO) - CO2 Describe the architecture and organization of computer systems Program Outcome (PO) PO1 Apply knowledge of mathematics, science and engineering fundamentals
More information(12) (10) Patent N0.: US 6,879,518 B1. Curry (45) Date of Patent: Apr. 12, 2005
United States Patent US006879518B1 (12) (10) Patent N0.: Curry (45) Date of Patent: Apr. 12, 2005 (54) EMBEDDED MEMORY WITH SECURITY 6,076,149 A * 6/2000 Usami et a1...... 711/163 ROW LOCK PROTECTION 6,088,262
More information28F K (256K x 8) FLASH MEMORY
28F020 2048K (256K x 8) FLASH MEMOR SmartDie Product Specification Flash Electrical Chip Erase 2 Second Typical Chip Erase Quick-Pulse Programming Algorithm 10 ms Typical Byte Program 4 Second Chip Program
More informationMemory. Outline. ECEN454 Digital Integrated Circuit Design. Memory Arrays. SRAM Architecture DRAM. Serial Access Memories ROM
ECEN454 Digital Integrated Circuit Design Memory ECEN 454 Memory Arrays SRAM Architecture SRAM Cell Decoders Column Circuitry Multiple Ports DRAM Outline Serial Access Memories ROM ECEN 454 12.2 1 Memory
More informationBasic Organization Memory Cell Operation. CSCI 4717 Computer Architecture. ROM Uses. Random Access Memory. Semiconductor Memory Types
CSCI 4717/5717 Computer Architecture Topic: Internal Memory Details Reading: Stallings, Sections 5.1 & 5.3 Basic Organization Memory Cell Operation Represent two stable/semi-stable states representing
More informationMemory Overview. Overview - Memory Types 2/17/16. Curtis Nelson Walla Walla University
Memory Overview Curtis Nelson Walla Walla University Overview - Memory Types n n n Magnetic tape (used primarily for long term archive) Magnetic disk n Hard disk (File, Directory, Folder) n Floppy disks
More informationNew Embedded NVM architectures
New Embedded NVM architectures for Secure & Low Power Microcontrollers Jean DEVIN, Bruno LECONTE Microcontrollers, Memories & Smartcard Group STMicroelectronics 11 th LETI Annual review, June 24th, 2009
More information+1 (479)
Memory Courtesy of Dr. Daehyun Lim@WSU, Dr. Harris@HMC, Dr. Shmuel Wimer@BIU and Dr. Choi@PSU http://csce.uark.edu +1 (479) 575-6043 yrpeng@uark.edu Memory Arrays Memory Arrays Random Access Memory Serial
More informationSemiconductor Memories: RAMs and ROMs
Semiconductor Memories: RAMs and ROMs Lesson Objectives: In this lesson you will be introduced to: Different memory devices like, RAM, ROM, PROM, EPROM, EEPROM, etc. Different terms like: read, write,
More informationOptical Fault Masking Attacks
Optical Fault Masking Attacks Sergei Skorobogatov Computer Laboratory University of Cambridge Cambridge, United Kingdom e-mail: sps32@cam.ac.uk Abstract This paper introduces some new types of optical
More informationTamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn
Tamper Resistance - a Cautionary Note Ross Anderson University of Cambridge Computer Laboratory Markus Kuhn University of Erlangen/ Purdue University Applications of Tamper Resistant Modules Security of
More informationECEN 449 Microprocessor System Design. Memories
ECEN 449 Microprocessor System Design Memories 1 Objectives of this Lecture Unit Learn about different types of memories SRAM/DRAM/CAM /C Flash 2 1 SRAM Static Random Access Memory 3 SRAM Static Random
More informationProgrammable Logic Devices Introduction CMPE 415. Programmable Logic Devices
Instructor: Professor Jim Plusquellic Programmable Logic Devices Text: The Design Warrior s Guide to FPGAs, Devices, Tools and Flows, Clive "Max" Maxfield, ISBN: 0-7506-7604-3 Modeling, Synthesis and Rapid
More informationOutline. Trusted Design in FPGAs. FPGA Architectures CLB CLB. CLB Wiring
Outline Trusted Design in FPGAs Mohammad Tehranipoor ECE6095: Hardware Security & Trust University of Connecticut ECE Department Intro to FPGA Architecture FPGA Overview Manufacturing Flow FPGA Security
More informationVery Large Scale Integration (VLSI)
Very Large Scale Integration (VLSI) Lecture 8 Dr. Ahmed H. Madian ah_madian@hotmail.com Content Array Subsystems Introduction General memory array architecture SRAM (6-T cell) CAM Read only memory Introduction
More informationSecuring IoT devices with STM32 & STSAFE Products family. Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region
Securing IoT devices with STM32 & STSAFE Products family Fabrice Gendreau Secure MCUs Marketing & Application Managers EMEA Region 2 The leading provider of products and solutions for Smart Driving and
More information(Advanced) Computer Organization & Architechture. Prof. Dr. Hasan Hüseyin BALIK (5 th Week)
+ (Advanced) Computer Organization & Architechture Prof. Dr. Hasan Hüseyin BALIK (5 th Week) + Outline 2. The computer system 2.1 A Top-Level View of Computer Function and Interconnection 2.2 Cache Memory
More informationDynamic Behavior of RS latches using FIB processing and probe connection
Dynamic Behavior of RS latches using FIB processing and probe connection Naoya Torii 1,2, Dai Yamamoto 1, Masahiko Takenaka 1, and Tsutomu Matsumoto 2 1 Secure Computing Laboratory, Fujitsu Laboratories
More informationRead-only memory Implementing logic with ROM Programmable logic devices Implementing logic with PLDs Static hazards
Points Addressed in this Lecture Lecture 7: ROM Programmable Logic Devices Professor Peter Cheung Department of EEE, Imperial College London Read-only memory Implementing logic with ROM Programmable logic
More informationPOWER ANALYSIS RESISTANT SRAM
POWER ANALYSIS RESISTANT ENGİN KONUR, TÜBİTAK-UEKAE, TURKEY, engin@uekae.tubitak.gov.tr YAMAN ÖZELÇİ, TÜBİTAK-UEKAE, TURKEY, yaman@uekae.tubitak.gov.tr EBRU ARIKAN, TÜBİTAK-UEKAE, TURKEY, ebru@uekae.tubitak.gov.tr
More informationIntroduction to Semiconductor Memory Dr. Lynn Fuller Webpage:
ROCHESTER INSTITUTE OF TECHNOLOGY MICROELECTRONIC ENGINEERING Introduction to Semiconductor Memory Webpage: http://people.rit.edu/lffeee 82 Lomb Memorial Drive Rochester, NY 14623-5604 Tel (585) 475-2035
More informationPLAs & PALs. Programmable Logic Devices (PLDs) PLAs and PALs
PLAs & PALs Programmable Logic Devices (PLDs) PLAs and PALs PLAs&PALs By the late 1970s, standard logic devices were all the rage, and printed circuit boards were loaded with them. To offer the ultimate
More informationLayout Analysis Embedded Memory
Sample Report For any additional technical needs concerning semiconductor and electronics technology, please call Sales at Chipworks. 3685 Richmond Road, Suite 500, Ottawa, ON K2H 5B7, Canada Tel: 613.829.0414
More informationWilliam Stallings Computer Organization and Architecture 8th Edition. Chapter 5 Internal Memory
William Stallings Computer Organization and Architecture 8th Edition Chapter 5 Internal Memory Semiconductor Memory The basic element of a semiconductor memory is the memory cell. Although a variety of
More informationECE321 Electronics I
ECE321 Electronics I Lecture 28: DRAM & Flash Memories Payman Zarkesh-Ha Office: ECE Bldg. 230B Office hours: Tuesday 2:00-3:00PM or by appointment E-mail: payman@ece.unm.edu Slide: 1 Review of Last Lecture
More informationSecure Design Methodology and The Tree of Trust
Secure Design Methodology and The Tree of Trust Secure Embedded Systems Group ECE Department Virginia Tech The new Cool: Reverse Engineering... Microsoft Zune (http://bunniestudios.com) Under the Hood
More informationVery Large Scale Integration (VLSI)
Very Large Scale Integration (VLSI) Lecture 6 Dr. Ahmed H. Madian Ah_madian@hotmail.com Dr. Ahmed H. Madian-VLSI 1 Contents FPGA Technology Programmable logic Cell (PLC) Mux-based cells Look up table PLA
More informationChapter 7 Physical Attacks and Tamper Resistance
Chapter 7 Physical Attacks and Tamper Resistance Sergei Skorobogatov Many semiconductor chips used in a wide range of applications require protection against physical attacks or tamper resistance. These
More informationLiteracy for Integrated Circuit Reverse Engineering
Literacy for Integrated Circuit Reverse Engineering Alex Radocea 1 Now bringing pain to the adversary at worked security at a large tech company worked security at matasano learned c and unix from swedish
More informationCREATED BY M BILAL & Arslan Ahmad Shaad Visit:
CREATED BY M BILAL & Arslan Ahmad Shaad Visit: www.techo786.wordpress.com Q1: Define microprocessor? Short Questions Chapter No 01 Fundamental Concepts Microprocessor is a program-controlled and semiconductor
More informationChapter Two - SRAM 1. Introduction to Memories. Static Random Access Memory (SRAM)
1 3 Introduction to Memories The most basic classification of a memory device is whether it is Volatile or Non-Volatile (NVM s). These terms refer to whether or not a memory device loses its contents when
More informationActel s SX Family of FPGAs: A New Architecture for High-Performance Designs
Actel s SX Family of FPGAs: A New Architecture for High-Performance Designs A Technology Backgrounder Actel Corporation 955 East Arques Avenue Sunnyvale, California 94086 April 20, 1998 Page 2 Actel Corporation
More informationWhite Paper FPGA Design Security Issues: Using the ispxpga Family of FPGAs to Achieve High Design Security
White Paper FPGA Design Security Issues: Using the ispxpga Family of FPGAs to Achieve High Design Security December 2003 5555 Northeast Moore Court Hillsboro, Oregon 97124 USA Telephone: (503) 268-8000
More informationELCT 912: Advanced Embedded Systems
Advanced Embedded Systems Lecture 2: Memory and Programmable Logic Dr. Mohamed Abd El Ghany, Memory Random Access Memory (RAM) Can be read and written Static Random Access Memory (SRAM) Data stored so
More informationHigh-Voltage Structured ASICs for Industrial Applications - A Single Chip Solution
High-Voltage Structured ASICs for Industrial Applications - A Single Chip Solution Yipin Zhang, Cor Scherjon Institut für Mikroelektronik Stuttgart Allmandring 30 a 70569 Stuttgart This paper presents
More informationGrundlagen Microcontroller Memory. Günther Gridling Bettina Weiss
Grundlagen Microcontroller Memory Günther Gridling Bettina Weiss 1 Lecture Overview Memory Memory Types Address Space Allocation 2 Memory Requirements What do we want to store? program constants (e.g.
More informationChapter 6. Digital Components
1 1. Introduction. 2. Integrated Circuits 3. Decoders: 4. NAND gate Decoder : 5. Decoder Expansion : 6. Encoder 7. Memory Units Random-Access Memory Read Only Memory 8. Types of ROMs Chapter 6 Digital
More informationOPERATIONAL UP TO. 300 c. Microcontrollers Memories Logic
OPERATIONAL UP TO 300 c Microcontrollers Memories Logic Whether You Need an ASIC, Mixed Signal, Processor, or Peripheral, Tekmos is Your Source for High Temperature Electronics Using either a bulk silicon
More informationOutline. Field Programmable Gate Arrays. Programming Technologies Architectures. Programming Interfaces. Historical perspective
Outline Field Programmable Gate Arrays Historical perspective Programming Technologies Architectures PALs, PLDs,, and CPLDs FPGAs Programmable logic Interconnect network I/O buffers Specialized cores Programming
More informationMemory Study Material
Computer memory refers to the devices that are used to store data or programs on a temporary or permanent basis for use in a computer. Any data or instruction entered into the memory of a computer is considered
More informationFPGA VHDL Design Flow AES128 Implementation
Sakinder Ali FPGA VHDL Design Flow AES128 Implementation Field Programmable Gate Array Basic idea: two-dimensional array of logic blocks and flip-flops with a means for the user to configure: 1. The interconnection
More informationDesign and Implementation of an AHB SRAM Memory Controller
Design and Implementation of an AHB SRAM Memory Controller 1 Module Overview Learn the basics of Computer Memory; Design and implement an AHB SRAM memory controller, which replaces the previous on-chip
More informationA Single Poly Flash Memory Intellectual Property for Low-Cost, Low-Density Embedded Nonvolatile Memory Applications
Journal of the Korean Physical Society, Vol. 41, No. 6, December 2002, pp. 846 850 A Single Poly Flash Memory Intellectual Property for Low-Cost, Low-Density Embedded Nonvolatile Memory Applications Jai-Cheol
More informationNan Ya NT5DS32M8BT-6K 256 Mbit DDR SDRAM Structural Analysis
May 26, 2004 Nan Ya NT5DS32M8BT-6K 256 Mbit DDR SDRAM Structural Analysis For questions, comments, or more information about this report, or for any additional technical needs concerning semiconductor
More informationTexas Instruments TMX320TCI6488ZUNV Baseband Processor System on a Chip
Texas Instruments TMX320TCI6488ZUNV Baseband Processor System on a Chip Structural Analysis For comments, questions, or more information about this report, or for any additional technical needs concerning
More informationMEMORIES. Memories. EEC 116, B. Baas 3
MEMORIES Memories VLSI memories can be classified as belonging to one of two major categories: Individual registers, single bit, or foreground memories Clocked: Transparent latches and Flip-flops Unclocked:
More informationDesign of an EEPROM for a MCU with the Wide Voltage Range
316 JOURNAL OF SEMICONDUCTOR TECHNOLOGY AND SCIENCE, VOL.10, NO.4, DECEMBER, 2010 Design of an EEPROM for a MCU with the Wide Voltage Range Du-Hwi Kim, Ji-Hye Jang, Liyan Jin, Pan-Bong Ha, and Young-Hee
More informationRead and Write Cycles
Read and Write Cycles The read cycle is shown. Figure 41.1a. The RAS and CAS signals are activated one after the other to latch the multiplexed row and column addresses respectively applied at the multiplexed
More informationECEN 449 Microprocessor System Design. Memories. Texas A&M University
ECEN 449 Microprocessor System Design Memories 1 Objectives of this Lecture Unit Learn about different types of memories SRAM/DRAM/CAM Flash 2 SRAM Static Random Access Memory 3 SRAM Static Random Access
More informationTABLE OF CONTENTS 1.0 PURPOSE INTRODUCTION ESD CHECKS THROUGHOUT IC DESIGN FLOW... 2
TABLE OF CONTENTS 1.0 PURPOSE... 1 2.0 INTRODUCTION... 1 3.0 ESD CHECKS THROUGHOUT IC DESIGN FLOW... 2 3.1 PRODUCT DEFINITION PHASE... 3 3.2 CHIP ARCHITECTURE PHASE... 4 3.3 MODULE AND FULL IC DESIGN PHASE...
More informationCOA. Prepared By: Dhaval R. Patel Page 1. Q.1 Define MBR.
Q.1 Define MBR. MBR( Memory buffer register) A Memory Buffer Register (MBR) is the register in a computers processor that stores the data being transferred to and from the devices It allowing the processor
More informationTexas Instruments S W Digital Micromirror Device
Texas Instruments S1076-6318W MEMS Process Review with Supplementary TEM Analysis For comments, questions, or more information about this report, or for any additional technical needs concerning semiconductor
More informationIntroduction 1. GENERAL TRENDS. 1. The technology scale down DEEP SUBMICRON CMOS DESIGN
1 Introduction The evolution of integrated circuit (IC) fabrication techniques is a unique fact in the history of modern industry. The improvements in terms of speed, density and cost have kept constant
More informationMEMORY BHARAT SCHOOL OF BANKING- VELLORE
A memory is just like a human brain. It is used to store data and instructions. Computer memory is the storage space in computer where data is to be processed and instructions required for processing are
More informationNokia N90 (Toshiba ET8EA3-AS) 2.0 Megapixel CMOS Image Sensor Process Review
November 21, 2005 Nokia N90 (Toshiba ET8EA3-AS) 2.0 Megapixel CMOS Image Sensor Process Review For comments, questions, or more information about this report, or for any additional technical needs concerning
More informationLecture Notes 20 : Smartcards, side channel attacks
6.857 Computer and Network Security November 14, 2002 Lecture Notes 20 : Smartcards, side channel attacks Lecturer: Ron Rivest Scribe: Giffin/Greenstadt/Plitwack/Tibbetts [These notes come from Fall 2001.
More informationRAM (RANDOM ACCESS MEMORY)
RAM (RANDOM ACCESS MEMORY) INTRODUCTION RAM is acronym used for Random Access Memory. Virtually all the computers now or then depend on memory to perform all its functions. Without RAM it becomes impossible
More informationProvisioning secure Identity for Microcontroller based IoT Devices
Provisioning secure Identity for Microcontroller based IoT Devices Mark Schaeffer, Sr. Product Marketing Manager, Security Solutions Synergy IoT Platform Business Division, Renesas Electronics, Inc. May
More information